CCSP exam

With IaaS, what is responsible for handling the security and control over the volume storage space?A . Management planeB . Operating systemC . ApplicationD . HypervisorView AnswerAnswer: B Explanation: Volume storage is allocated via a LUN to a system and then treated the same as any traditional storage. The operating...

Which of the following tasks within a SaaS environment would NOT be something the cloud customer would be responsible for?A . Authentication mechanismB . BrandingC . TrainingD . User accessView AnswerAnswer: A Explanation: The authentication mechanisms and implementations are the responsibility of the cloud provider because they are core components...

Over time, what is a primary concern for data archiving?A . Size of archivesB . Format of archivesC . RecoverabilityD . Regulatory changesView AnswerAnswer: C Explanation: Over time, maintaining the ability to restore and read archives is a primary concern for data archiving. As technologies change and new systems are...

Which data point that auditors always desire is very difficult to provide within a cloud environment?A . Access policyB . Systems architectureC . BaselinesD . Privacy statementView AnswerAnswer: B Explanation: Cloud environments are constantly changing and often span multiple physical locations. A cloud customer is also very unlikely to have...

A DLP solution/implementation has three main components. Which of the following is NOT one of the three main components?A . MonitoringB . EnforcementC . AuditingD . Discovery and classificationView AnswerAnswer: C Explanation: Auditing, which can be supported to varying degrees by DLP solutions, is not a core component of them....

Which of the following roles is responsible for preparing systems for the cloud, administering and monitoring services, and managing inventory and assets?A . Cloud service business managerB . Cloud service deployment managerC . Cloud service operations managerD . Cloud service managerView AnswerAnswer: C Explanation: The cloud service operations manager is...

Which crucial aspect of cloud computing can be most threatened by insecure APIs?A . AutomationB . RedundancyC . Resource poolingD . ElasticityView AnswerAnswer: A Explanation: Cloud environments depend heavily on API calls for management and automation. Any vulnerability with the APIs can cause significant risk and exposure to all tenants...

Digital investigations have adopted many of the same methodologies and protocols as other types of criminal or scientific inquiries. What term pertains to the application of scientific norms and protocols to digital investigations?A . ScientificB . InvestigativeC . MethodologicalD . ForensicsView AnswerAnswer: D Explanation: Forensics refers to the application of...

Which security concept, if implemented correctly, will protect the data on a system, even if a malicious actor gains access to the actual system?A . SandboxingB . EncryptionC . FirewallsD . Access controlView AnswerAnswer: B Explanation: In any environment, data encryption is incredibly important to prevent unauthorized exposure of data...

What concept does the "D" represent with the STRIDE threat model?A . Data lossB . Denial of serviceC . Data breachD . DistributedView AnswerAnswer: B Explanation: Any application can be a possible target of denial-of-service (DoS) attacks. From the application side, the developers should minimize how many operations are performed...